<?php
if (isset ( $_POST ['ok'] )) {
	if ($_POST ['username'] == NULL) {
		echo "Please enter your username<br />";
	} else {
		$u = $_POST ['username'];
	}
	if ($_POST ['password'] == NULL) {
		echo "Please enter your password<br />";
	} else {
		$p = $_POST ['password'];
	}
	if ($u && $p) {
		$conn = mysql_connect ( "localhost", "root", "" ) or die ( "can't connect this database" );
		mysql_select_db ( "demo_mysql", $conn );
		$sql = "select * from user where username='" . $u . "' and password='" . $p . "'";
		$query = mysql_query ( $sql );
		if (mysql_num_rows ( $query ) == 0) {
			echo "Username or password is not correct, please try again";
		} else {
			header ("Location: list.php");
			echo "Username or password is correct";
			session_start ();
			session_register ( "userid" );
			session_register ( "level" );
			$_SESSION ['userid'] = $row [id];
			$_SESSION ['level'] = $row [level];
			
		}
	}
}
?>